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DETAILED ACTION 

1 . This is in response to the amendment filed on 1 1 October 2007. 

2. Claims 1 and 4-1 1 are pending in the application. 

3. Claims 1 and 4-1 1 have been rejected. 

4. Claims 2, 3 and 12-72 have been cancelled. 

Response to Arguments 

5. Applicant's arguments with respect to claims 1-72 have been considered but are moot in view 
of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 1 and 4-6 are rejected under 35 U.S.C. 103(a) as being unpatentable over Cheng 
et al U.S. Patent No. 6,418,130 Bl in view of Dole U.S. Patent No. 6,628,786 Bl. 

As to claim 1, Cheng et al discloses a method of re-authenticating and protecting wireless 
communication security [column 3, lines 44-65], comprising the steps of: a) performing a 
secondary authentication protocol between a wireless client electronic system (client) and a 
wireless network access point electronic system (AP) using a key lease generated by 
performance of a primary authentication protocol [column 6, lines 26-44], wherein the key lease 
includes a key lease period for indicating a length of time in which the key lease is valid for 
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using the secondary authentication protocol instead of the primary protocol [column 6, lines 26- 
44], and wherein the second authentication protocol includes the steps of: a(i) transmitting the 
key lease from the client to the AP [column 6, lines 26-44]. Cheng et al discloses transmitting 
the key lease from the client to the AP [column 6, lines 26-44]. Cheng et al discloses that the 
key lease includes an encryption key for use in the secondary authentication protocol [column 6, 
lines 26-44]. 

Cheng et al does not teach a(ii) generating a first random number associated with the 
client and a second random number associated with the AP, wherein the key lease includes an 
encryption key for use in the secondary authentication protocol. Cheng et al does not teach a(iii) 
transmitting the first random number to the AP and the second random number to the client. 
Cheng et al does not teach b) if the secondary authentication protocol is successful, generating a 
session encryption key for encrypting communication traffic between the client and the AP, 
wherein the generating comprises: b(i) applying a hash function and the encryption key to the 
first random number and the second random number to determine the session encryption key. 
Cheng et al does not teach using the encryption key, the first random number, the second random 
number, and a hash function to determine the session encryption key. Cheng et al does not teach 
applying an HMAC-MD5 algorithm and the encryption key on a concatenation of the first 
random number and the second random number to determine the session encryption key. Cheng 
et al does not teach applying a HMAC-SHA-1 algorithm and the encryption key on a 
concatenation of the first random number and the second random number to determine the 
session encryption key. 
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Dole teaches generating a first random number associated with the client and a second 
random number associated with the AP [column 6, lines 5-27]. Dole teaches transmitting the 
first random number to the AP and the second random number to the client [column 6, lines 5- 
27]. Dole teaches using the encryption key, the first random number, the second random 
number, and a hash function to determine the session encryption key [column 6, lines 28-36], 
Dole teaches applying a HMAC-MD5 algorithm and the encryption key on a concatenation of 
the first random number and the second random number to determine the session encryption key 
[column 6 line 50 to column 7 line 2], Dole teaches applying a HMAC-SHA-1 algorithm and the 
encryption key on a concatenation of the first random number and the second random number to 
determine the session encryption key [column 6 line 50 to column 7 line 2]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Cheng et al so that random numbers would have 
been generated at the client and the AP. The client's random number would have been 
transmitted to the AP and the AP's random number would have been transmitted to the client. 
The two random numbers would have been concatenated. A hashing function and an encryption 
key would have been applied to the concatenated random numbers. The concatenated random 
numbers would have been hashed with either a HMAC-MD5 or a HMAC-SHA-1 hashing 
function. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Cheng et al by the teaching of Dole because this method 
improves the quality of entropy by allowing machines with no physical source of entropy to 
gather entropy by communicating with other machines and insure that machines that generate 
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many random session keys do not run the risk of depleting their local supplies of entropy 
[column 4, lines 45-60]. 

As to claim 6, Cheng et al teaches generating a first session encryption key for encrypting 
communication traffic from the client to the AP [column 6 line 45 to column 7 line 6]. Cheng et 
al teaches generating a second session encryption key for encrypting communication traffic from 
the AP to the client [column 6 line 45 to column 7 line 6]. 

7. Claims 7-11 are rejected under 35 U.S.C. 103(a) as being unpatentable over Cheng et al 
U.S. Patent No. 6,418,130 Bl and Dole U.S. Patent No. 6,628,786 Bl as applied to claim 1 
above, and further in view of Kessler et al U.S. Patent No. 6,789,147 Bl. 

As to claims 7-11, the Cheng-Dole combination does not teach using the encryption key, 
the first random number, the second random number, a first media access control (MAC) address 
associated with the client, a second media access control (MAC) address associated with the AP, 
and a hash function to determine the first and second session encryption keys. The Cheng-Dole 
combination does not teach applying a HMAC-MD5 algorithm and the encryption key on a 
concatenation of the first random number, the second random number, the first media access 
control (MAC) address associated with the client, and the second media access control (MAC) 
address associated with the AP to determine the first session encryption key. The Cheng-Dole 
combination does not teach applying a HMAC-SHA-1 algorithm and the encryption key on a 
concatenation of the first random number, the second random number, the first media access 
control (MAC) address associated with the client, and the second media access control (MAC) 
address associated with the AP to determine the first session encryption key. The Cheng-Dole 
combination does not teach applying a HMAC-MD5 algorithm and the encryption key on a 
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concatenation of the first random number, the second random number, the second media access 
control (MAC) address associated with the AP, and the first media access control (MAC) address 
associated with the client to determine the second session encryption key. The Cheng et al-Dole 
combination does not teach applying a HMAC-SHA-1 algorithm and the encryption key on a 
concatenation of the first random number, the second random number, the second media access 
control (MAC) address associated with the AP, and the first media access control (MAC) address 
associated with the client to determine the second session encryption key. 

Kessler et al teaches using a encryption key, a first random number, a second random 
number, a first media access control (MAC) address associated with the client, a second media 
access control (MAC) address associated with the AP, and a hash function to determine a first 
and second session encryption keys [column 5, lines 18-37]. Kessler et al teaches applying a 
HMAC-MD5 algorithm and a encryption key on a concatenation of a first random number, a 
second random number, a first media access control (MAC) address associated with a client, and 
a second media access control (MAC) address associated with a AP to determine a first session 
encryption key [column 7 line 54 to column 8 line 10]. Kessler et al teaches applying a HMAC- 
SHA-1 algorithm and a encryption key on a concatenation of a first random number, a second 
random number, a first media access control (MAC) address associated with a client, and a 
second media access control (MAC) address associated with a AP to determine a first session 
encryption key [column 7 line 54 to column 8 line 10]. Kessler et al teaches applying a HMAC- 
MD5 algorithm and a encryption key on a concatenation of a first random number, a second 
random number, a second media access control (MAC) address associated with a AP, and a first 
media access control (MAC) address associated with a client to determine a second session 
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encryption key [column 7 line 54 to column 8 line 10]. Kessler et al teaches applying a HMAC- 
SHA-1 algorithm and a encryption key on a concatenation of a first random number, a second 
random number, a second media access control (MAC) address associated with a AP, and a first 
media access control (MAC) address associated with a client to determine a second session 
encryption key [column 7 line 54 to column 8 line 10]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified the Cheng-Dole combination so that a encryption 
key, a first random number, a second random number, a first media access control (MAC) 
address associated with the client, a second media access control (MAC) address associated with 
the AP, and a hash function would have been used to determine a first and second session 
encryption keys. The first session encryption key would have been determined by applying 
either a HMAC-MD5 or HMAC-SHA-l hashing function and a encryption key to the 
concatenation of a first random number, a second random number, a first media access control 
(MAC) address associated with a client, and a second media access control (MAC) address 
associated with a AP. The second session encryption key would have been determined by 
applying either a HMAC-MD5 or HMAC-SHA-l hashing function and a encryption key to the 
concatenation of a first random number, a second random number, a first media access control 
(MAC) address associated with a client, and a second media access control (MAC) address 
associated with a AP. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified the Cheng-Dole combination by the teaching of Kessler et 
al because it provides a system that does not require a large amount of resources to be consumed 
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with establishing secure sessions and it reduces latency and provides enhanced security [column 
2, lines 27-39]. 

Conclusion 

8. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K. Moorthy whose telephone number is 571-272-3793. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Aravind K Moorthy 
December 20, 2007 
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